The Drudge Report, along with horoscope.com, slacker.com, lyrics.com and others, got hit with malicious ads supplied through advertising networks that included DoubleClick, according to Mary Landesman, a ScanSafe researcher. Malicious ads on those sites last weekend attempted PDF and DirectShow exploits against visitors' desktops, she says ( ScanSafe's cloud-based scanning service detected a very high level of activity around the attack).

"The attack was dramatic," says Landesman, noting that the Web visitors against whom it was directed "would not have seen anything. Just an open PDF window when browsing. Adobe integrates with the browser so if you browse a Web site, it opens automatically. This was empty."

These empty windows, if only faintly noticed, are often a form of exploit, and this one sought to compromise the visitor's computer with a Trojan downloader. On the weekend of Sept. 19-21, a full 11% of all of the blocking defenses associated with ScanSafe's service were focused on these malicious ads.

"In terms of this has to be one of the biggest we've seen," Landesman says. While she wasn't able to say exactly how the attackers managed to take advantage of the advertising networks, sometimes the blame can be laid on "rogue affiliates" that feed in malvertisements, and evade notice, especially on weekends. "These criminals were clever, they did it on the weekend."